Every day hundreds of thousands of people interact electronically. For example, people use electronic mail (e-mail) to correspond with one another and to send information. People and businesses rely heavily on networks of computers or other electronic devices to manage, protect, and transfer important information. Millions of dollars are electronically transferred daily via bank networks and automatic teller machines (ATMs). People use cellular phones and other wireless personal digital assistants (PDAs) to communicate and transfer information on a daily basis.
The advent of the Internet, comprised of millions of interconnected computers, has accelerated electronic interaction dramatically. The Internet allows nearly instantaneous communication and transfer of information to virtually anywhere in the world. The World Wide Web (www) is used for online business, data distribution, marketing, stock exchange, online banking, gaming, research, learning, and a myriad of other activities.
When parties interact face to face or by using a physical medium such as paper, it is relatively easy to authenticate the credentials of those who are interacting. For example, if a person walks into a bank and tries to make a withdrawal, the bank teller can ask for and verify his or her identification before giving the requested funds. A person's signature on a contract is considered sufficient to guarantee his or her approval of the contract. Likewise, if a person goes into a store and buys an item with a credit card, it is easy for a cashier to take precautions so as to be reasonably sure that the person is the true owner of that credit card.
However, in the realm of electronic interaction, such physical means of authentication cannot be used. People and businesses will not transfer funds, buy an item over the Internet, or otherwise manage and transfer confidential information using any electronic device unless they feel that their electronic interactions are secure and safe. Thus, in a world where decisions and agreements are communicated electronically, electronic techniques for providing authentication, security, and privacy are needed.
Cryptography is the study of techniques and applications that can be used to protect sensitive information, maintain privacy in communications, authenticate users in transactions, and perform other security measures in information transfer. Cryptanalysis is the study of how to compromise, or defeat, cryptographic mechanisms. A hacker, for example, is a person who studies and practices cryptanalysis. Cryptology is the discipline of cryptography and cryptanalysis combined.
Cryptography allows people to carry over the confidence found in the physical world to the electronic world, thus allowing people to do business electronically without undue worries of deceit, breaches in privacy, or lack of security. The perpetual increase of information transmitted electronically has led to an increased reliance on cryptography.
For example, cryptography techniques help make web sites secure and electronic transmissions safe. This allows people to do online banking, online trading, and make online purchases with their credit cards without worrying that their account information is being compromised. Cryptography is very important to the continued growth of the Internet and electronic commerce.
Cryptography is also used in phones, televisions, and a variety of other common household items. Without cryptography, hackers could much more readily access someone else's private e-mail, listen in on phone conversations, tap into cable companies and acquire free cable service, or break into bank accounts.
A major emphasis in cryptography includes encryption and decryption. Encryption is the transformation of data into a form that is apparently unintelligible and extremely difficult, if not impossible to access in a reasonable amount of time without the appropriate knowledge, e.g., a key. Keys will be explained further below. Encryption's purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form. For a web site to be secure, for example, all of the data transmitted between the computers where the data is stored and where it is received must be encrypted. The receiving computers must then be capable of decrypting the data.
While modern cryptography is growing increasingly diverse, cryptography is fundamentally based on problems that are difficult to solve. A problem may be difficult because its solution requires the use of some secret knowledge. A problem may also be difficult because it is intrinsically difficult to complete, such as finding the factors of an extremely large number.
As explained above, successful encryption and decryption depend on some sort of secret knowledge ideally known by only the parties performing the encryption and decryption. This piece of knowledge is referred to as a key. A key is usually a sequence of random or pseudorandom bits. Thus, a person without the right key cannot send, receive, or interpret someone else's sensitive information. Keys are also used for electronic authentication, digital signatures, digital timestamps, and for other electronic security purposes. As used hereafter and in the appended claims, unless otherwise specifically denoted, the term “electronic transaction” will be used to refer expansively to all possible electronic communication that requires the use of one or more keys.
Currently, there are two types of cryptosystems: secret-key and public-key cryptography. In secret-key cryptography, also referred to as symmetric session cryptography, the same key is used for both encryption and decryption. The main challenge of symmetric session cryptography is getting the sender and receiver to agree on the symmetric session key without anyone else discovering the symmetric session key. If they are in separate physical locations, for example, they must trust a courier, a phone system, or some other transmission medium to prevent the disclosure of the symmetric session key. Anyone who overhears or intercepts the key in transit can later read, modify, and forge all messages encrypted or authenticated using that key. The generation, transmission, and storage of keys are called key management. All cryptosystems must deal with key management issues. Because all keys in a symmetric system cryptosystem must preferably remain secret, symmetric session cryptography often has difficulty providing secure key management, especially in open systems with a large number of users.
As a result of the key management issues associated with symmetric session cryptography, public-key cryptography was developed. In public-key cryptography, each user has a public key and a private key. The public key is made public while the private key remains secret. Encryption is performed with the public key while decryption can only be performed with the private key. In public-key cryptography, the need for the sender and receiver to share secret information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared. Thus, it is not necessary to trust the security of some means of communicating a symmetric session key. Anyone can send a confidential message by just using public information. The message can only be decrypted using a private key, which is in the sole possession of the intended recipient.
One current disadvantage, however, with public-key cryptography is that the private key is linked mathematically to the public key. Therefore, it is possible to attack a public-key system by deriving the private key from the public key. However, this typically requires unreasonably large amounts of time or other resources.
Currently, symmetric session keys and private keys can be stored on the hard drive or other non-volatile storage unit of a user's computer or other electronic device, such as a cable set-top box (STB). The user can then use these keys to securely communicate electronically. However, the storage of keys on a user's computer or other device in the control of the user presents various problems. First, the user can copy a key residing on his or her computer or other device, for example, and distribute the copied key to other people. These people may then be able to assume the user's electronic identity and send or receive information that is intended for use by the original user only. Such situations could occur in cases where a person pays a monthly subscription rate to receive content over the Internet or via a cable television system. If this person distributes the key that allows access to the paid content, multiple users could receive the content without paying for it.
A second problem with storing keys on a user's computer or other electronic device involves tampering and theft. An unauthorized person could copy a user's key if the user accidentally leaves his or her computer or other electronic device unattended or electronically unprotected. This unauthorized person could then send and receive potentially private information intended for the original user.
Thus, there is a need in the art for a method and system of preventing the unauthorized distribution and use of keys, including symmetric session keys and private keys, used in secure electronic communications. As used hereafter and in the appended claims, unless otherwise specifically denoted, the term “key” will be used to refer expansively to all possible electronic communication keys, including symmetric session keys and private keys.
There are several approaches to prevent unauthorized distribution and use of keys. One approach is to use fraud management. Fraud management is the detection of multiple active hosts who have assumed the same identity. A host could be a computer that is connected to the Internet, for example, or a STB connected to a cable network. As used hereafter and in the appended claims, unless otherwise specifically denoted, the term “host” will be used to refer expansively to any electronic device used by a user to communicate electronically.
There are several disadvantages of fraud management. First, fraud management detects fraud after the fraud has already occurred and does little to prevent the illegal use of keys from happening in the first place. Fraud management also requires additional cost and overhead and is not foolproof.
Another protection against the illegal distribution and use of keys is the use of a tamper-resistant key storage device that would make it preferably infeasible for a hacker to extract and then copy keys. The device preferably destroys its contents if ever opened and shields against attacks using electromagnetic radiation. There are many possible designs for tamper-resistant key storage, including key-containing hosts that are activated by the use of a special physical key or by the detection of a unique physical trait of an authorized user.
However, it is not currently economically viable to require that every user who wants to send and receive sensitive information have a tamper-resistant key storage device. Thus, this protection method is not preferable for large numbers of users.
The fact is that no security measure to combat unauthorized distribution and use of keys is completely foolproof. This is generally accepted in the field of cryptology. Thus, implementing more than one security measure to prevent unauthorized key distribution and use would provide better protection than would using only one method of security.